---
# Common configuration for the Module Build Service (MBS) pieces

- name: install needed packages
  package:
    state: present
    name:
    - module-build-service
    - python-psycopg2
    - libsemanage-python
    - python-memcached
    - python2-distro
  notify:
  - restart apache
  - restart fedmsg-hub
#  - restart mbs poller
#  - restart mbs workers
  tags:
  - mbs
  - mbs/common

- name: kill development configs
  file: path=/etc/fedmsg.d/{{ item }} state=absent
  with_items:
  - module_build_service.py
  - mbs-logging.py
  notify:
  - restart apache
  - restart fedmsg-hub
  tags:
  - mbs
  - mbs/common

- name: copy app configuration
  template: >
    src=config.py dest=/etc/module-build-service/config.py
    owner=root group=fedmsg mode=0640
  notify:
  - restart apache
  - restart fedmsg-hub
#  - restart mbs poller
#  - restart mbs workers
  tags:
  - mbs
  - mbs/common

- name: copy koji configuration
  template: >
    src=koji.conf dest=/etc/module-build-service/koji.conf
    owner=root group=fedmsg mode=0644
  notify:
  - restart fedmsg-hub
  tags:
  - mbs
  - mbs/common

- name: copy fedmsg configuration
  template: >
    src=mbs-fedmsg.py dest=/etc/fedmsg.d/mbs-fedmsg.py
    owner=root group=fedmsg mode=0644
  notify:
  - restart apache
  - restart fedmsg-hub
  tags:
  - mbs
  - mbs/common

- name: copy client secrets
  template: >
    src=client_secrets.json.{{env}} dest=/etc/module-build-service/client_secrets.json
    owner=root group=fedmsg mode=0640
  when: inventory_hostname.startswith('mbs-frontend')
  notify:
  - restart apache
  tags:
  - mbs
  - mbs/common

- name: create /var/cache/fedmsg/ directory for krb ccache
  file:
    path: /var/cache/fedmsg/
    state: directory
    owner: fedmsg
    group: fedmsg
    mode: 0750
  tags:
  - mbs
  - mbs/common

- name: create /etc/pdc.d directory
  file:
    path: /etc/pdc.d
    state: directory
    owner: root
    group: root
    mode: 0775

- name: copy pdc client config file
  copy: >
    src=fedora.json.{{env}} dest=/etc/pdc.d/fedora.json
    owner=root group=root mode=0644
  notify:
  - restart apache
  - restart fedmsg-hub
  tags:
  - mbs
  - mbs/common

- name: Configure MBS virtual host in RabbitMQ
  block:
  - name: copy the MBS rabbitmq private queue crt
    copy:
      src: "{{private}}/files/rabbitmq/{{env}}/pki/issued/mbs-private-queue{{env_suffix}}.crt"
      dest: /etc/module-build-service/mbs-private-queue{{env_suffix}}.crt
      owner: root
      group: fedmsg
      mode: 0640
    tags:
      - mbs
      - mbs/common

  - name: copy the MBS rabbitmq private queue key
    copy:
      src: "{{private}}/files/rabbitmq/{{env}}/pki/private/mbs-private-queue{{env_suffix}}.key"
      dest: /etc/module-build-service/mbs-private-queue{{env_suffix}}.key
      owner: root
      group: fedmsg
      mode: 0640
    tags:
      - mbs
      - mbs/common

  - name: copy the MBS rabbitmq CA cert
    copy:
      src: "{{private}}/files/rabbitmq/{{env}}/pki/ca.crt"
      dest: /etc/module-build-service/ca.crt
      owner: root
      group: fedmsg
      mode: 0640
    tags:
      - mbs
      - mbs/common

  - name: Configure the MBS virtual host
    run_once: true
    delegate_to: "rabbitmq01{{ env_suffix }}.iad2.fedoraproject.org"
    rabbitmq_vhost:
      name: /mbs
      state: present
    tags:
      - rabbitmq_cluster
      - config
      - mbs
      - mbs/common

  - name: Configure the HA policy for the MBS queues
    run_once: true
    delegate_to: "rabbitmq01{{ env_suffix }}.iad2.fedoraproject.org"
    rabbitmq_policy:
      name: HA
      apply_to: queues
      pattern: .*
      tags:
        ha-mode: all
        ha-sync-mode: automatic  # Auto sync queues to new cluster members
        ha-sync-batch-size: 10000  # Larger is faster, but must finish in 1 net_ticktime
      vhost: /mbs
    tags:
      - rabbitmq_cluster
      - config
      - mbs
      - mbs/common

  - name: Grant the mbs user access to the MBS vhost
    run_once: true
    delegate_to: "rabbitmq01{{ env_suffix }}.iad2.fedoraproject.org"
    rabbitmq_user:
      user: "mbs{{ env_suffix }}"
      vhost: /mbs
      configure_priv: .*
      read_priv: .*
      write_priv: .*
    tags:
      - rabbitmq_cluster
      - config
      - mbs
      - mbs/common
  when: not mbs_frontend

- name: Configure the MBS workers and poller
  block:
    - name: Add the systemd service files
      template:
        src: "{{ item.src }}"
        dest: "{{ item.dest }}"
        owner: root
        group: root
        mode: "0644"
      with_items:
      - src: mbs-worker@.service.j2
        dest: /etc/systemd/system/mbs-worker@.service
      - src: mbs-poller.service.j2
        dest: /etc/systemd/system/mbs-poller.service
      notify:
      - restart mbs poller
      - restart mbs workers
      tags:
        - mbs
        - mbs/common

    - name: Enable the MBS workers
      systemd:
        name: "mbs-worker@{{ item }}"
        daemon_reload: yes
        enabled: yes
        state: started
      with_sequence: start=0 end={{ mbs_num_workers - 1 }}
      tags:
        - mbs
        - mbs/common

    - name: Populate the service facts to detect if there are MBS workers to disable
      service_facts: {}
      tags:
        - mbs
        - mbs/common

    - name: Disable any extra MBS workers
      systemd:
        name: "mbs-worker@{{ worker_num }}"
        enabled: no
        state: stopped
      with_items: "{{ ansible_facts.services | select('match', 'mbs-worker@\\d+.service') | list }}"
      vars:
        worker_num: "{{ item | regex_search('\\d+') }}"
      when: (worker_num | int) >= mbs_num_workers
      tags:
        - mbs
        - mbs/common
  when: not mbs_frontend

- name: create /etc/module-build-service/default-modules directory
  file:
    path: /etc/module-build-service/default-modules
    state: directory
    owner: root
    group: root
    mode: 0775
  tags:
  - mbs
  - mbs/common

- name: copy default modules to /etc/module-build-service/default-modules
  copy: src={{ item }} dest=/etc/module-build-service/default-modules
  with_fileglob:
  - default-modules.{{ env }}/*.yaml
  tags:
  - mbs
  - mbs/common

- name: import default-modules
  command: /usr/bin/mbs-manager import_module /etc/module-build-service/default-modules/{{ item | basename }}
  with_fileglob:
  - default-modules.{{ env }}/*.yaml
  when: mbs_import_default_modules | default(True)
  tags:
  - mbs
  - mbs/common
